Lucene search
K

475 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:50 p.m.48 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Tivoli Storage Productivity Center. UPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has bee...

4.3CVSS4.5AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/10 11:7 a.m.268 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Control (CVE-2021-44228)

Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Control due to its use of Log4j for logging, tracing, alerting, and the local help documentation. Vulnerability Details CVEID: CVE-2021-44228...

10CVSS1.5AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/08 5:31 p.m.85 views

Security Bulletin: Vulnerability in Apache Log4j affects Netcool Operation Insight (CVE-2021-44228)

Summary A vulnerability was identified within the Apache Log4j library that is used by Netcool Operation Insight to provide logging functionality. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...

10CVSS1.2AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:37 a.m.35 views

Security Bulletin: IBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam (CVE-2015-4000)

Summary IBM Spectrum Protect Snapshot for VMware is vulnerable to Logjam CVE-2015-4000 Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHEEXPORT ciphersuite choice. A...

4.3CVSS4.7AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 11:37 a.m.71 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Protect Snapshot for VMware (CVE-2021-44228)

Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect IBM Spectrum Protect Snapshot for VMware due to its use of Log4j for logging of messages and traces. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apac...

10CVSS1.7AI score0.99999EPSS
Exploits351Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/28 4:10 p.m.42 views

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...

4.3CVSS7AI score0.9986EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.38 views

Mageia: Security Advisory (MGASA-2015-0246)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.9986EPSS
Exploits1References5
Metasploit
Metasploit
added 2022/01/20 5:42 p.m.682 views

VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)

VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtua...

10CVSS8.1AI score0.99999EPSS
Exploits351
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/20 9:6 a.m.153 views

Security Bulletin: Vulnerability in Apache Log4j affects IBM Operational Decision Manager (CVE-2021-44228)

Summary Rule Designer, shipped with IBM Operational Decision Manager since version 8.10.4 includes log4j-core.jar that contains the vulnerable code. The fix includes Apache Log4j 2.15. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...

10CVSS1.5AI score0.99999EPSS
Exploits351Affected Software1
0day.today
0day.today
added 2022/01/20 12:0 a.m.765 views

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit

VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux...

10CVSS9.1AI score0.99999EPSS
Exploits351
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/17 11:34 a.m.77 views

Security Bulletin: Vulnerability in Apache Log4j affects Cloud Pak for Security (CVE-2021-44228)

Summary Cloud Pak for Security CP4S v1.9.0.0 and earlier is impacted by Log4Shell CVE-2021-44228, through the use of Apache Log4j's JNDI logging feature. This vulnerability has been addressed in the updated versions of CP4S images. Please see remediation steps below to apply fix. All customers ar...

10CVSS7.7AI score0.99999EPSS
Exploits355Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/15 11:12 a.m.34 views

Security Bulletin: Apache Log4j vulnerability affects IBM Cloud Pak for Automation (CVE-2021-44228)

Summary A remote code execution vulnerability has been reported for log4j-core-2.x libraries, which are used in various components of IBM Cloud Pak for Business Automation. Vulnerability Details CVEID:CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code...

10CVSS7.8AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/15 10:42 a.m.109 views

Security Bulletin: Rational Test Automation Server is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

Summary Apache Log4j vulnerability associated with the Rational Performance Tester Apache JMeter™ Test Extension impacts Rational Test Automation Server. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system,...

10CVSS1.5AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/15 12:4 a.m.39 views

Security Bulletin: IBM QMF Analytics for Multiplatforms is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

Summary Apache Log4j is used by the QMF Vision component of IBM QMF Analytics for Multiplatforms as part of its logging infrastructure and is vulnerable to arbitrary code execution CVE-2021-44228. The fix includes Apache Log4j v2.17.0. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apac...

10CVSS1.6AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 8:10 p.m.60 views

Security Bulletin: Vulnerabilitiy in Apache Log4jaffects IBM Observability with Instana - Server and Agents (CVE-2021-44228)

Summary Vulnerabilities detected in Apache Log4j versions before v2.16.0 affects IBM Observability with Instana. These have been addressed in both the Server and Agent components. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execute...

10CVSS1.6AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 5:38 p.m.111 views

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects Engineering Lifecycle Management and IBM Engineering products

Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Workflow Management EWM, IBM Engineering Systems...

10CVSS0.9AI score0.99999EPSS
Exploits351Affected Software9
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/10 12:57 p.m.124 views

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC

Summary Log4j is used by IBM Power Hardware Management Console HMC for logging system/application events for diagnostics. This bulletin provides a remediation for the vulnerability, CVE-2021-44228 by upgrading IBM Power Hardware Management Console HMC respective PTF and thus addressing the exposu...

10CVSS0.8AI score0.99999EPSS
Exploits351Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/07 3:43 p.m.79 views

Security Bulletin: Vulnerability in Apache Log4j addressed in IBM Spectrum Symphony

Summary Log4j is used by IBM Spectrum Symphony for generating logs in some of its components. This bulletin provides patches for the Log4Shell vulnerability CVE-2021-44228 to IBM Spectrum Symphony. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker...

10CVSS1.6AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/04 4:53 p.m.82 views

Security Bulletin: Vulnerability in Apache Log4J adressed in Crypto Hardware Initialization and Maintenance (CVE-2021-44228)

Summary Crypto Hardware Initialization and Maintenance CHIM 3.0.0 as shipped with CCA 7.2.55 for MTM 4769 is affected by a vulnerability in Apache Log4J CVE-2021-44228. CHIM is using Apache Log4J for internal logging purposes of regular user activity. Vulnerability Details CVEID: CVE-2021-44228...

10CVSS1.1AI score0.99999EPSS
Exploits351Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/04 2:8 p.m.45 views

Security Bulletin: Rational Performance Tester (RPT) is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-44228)

Summary Apache Log4j vulnerability impacts Rational Performance Tester RPT Apache JMeter™ Test Extension. Rational Performance Tester RPT includes a vulnerable Log4j library that may be detected by a vulnerability scan. This bulletin addresses the vulnerabilities for the reported CVE-2021-44228...

10CVSS0.8AI score0.99999EPSS
Exploits351Affected Software1
Rows per page
Query Builder